US7096496B1ExpiredUtility

Method and system for improved computer security utilizing dynamically variable security profile

66
Assignee: LENOVO SINGAPORE PTE LTDPriority: Dec 6, 1999Filed: Dec 6, 1999Granted: Aug 22, 2006
Est. expiryDec 6, 2019(expired)· nominal 20-yr term from priority
G06F 2221/2101G06F 21/575G06F 2221/2113G06F 21/31
66
PatentIndex Score
45
Cited by
15
References
10
Claims

Abstract

A system and method of providing increased security of a personal computer through the use of its operating system and initialization. The invention provides a security profile which indicates the level of authorization which the user has and the security exposure which a user will be permitted, which combines with a stored log of attempts to access the personal computer through the use of the password and the results of each attempt to provide a system where unsuccessful attempts will turn off the system. The system also includes a plurality of access levels so that some functions in the computer may be denied to a user but permitted to a system administrator. The access log also may include a record of physical security attacks or attempt, such as removing the covers of a personal computer. The system and method of the present invention have the advantage that, as a result of maintaining information on access attempt and other security information, a security profile may be established and criteria imposed on the user which will improve the security of the personal computer.

Claims

exact text as granted — not AI-modified
1. A system for establishing a level of security in a personal computer having a memory and a stored operating system, the system comprising:
 a variable security profile generated automatically when the system is turned on, said variable security profile specifying:
 a variable number of unsuccessful power-on password attempts permitted based upon at least one other factor chosen from time of day and day of week; and, 
 a security level of authorization of the user; and 
 allowing or denying use of the personal computer to the user based on the security profile. 
 
 
   
   
     2. A system for providing security in a personal computer including the elements of  claim 1  wherein the security profile includes a log of the access attempts for the personal computer and the results of each attempt. 
   
   
     3. A system of the type described in  claim 2  wherein the variable security profile can be altered to a less secure state only by a system owner through the use of a password different than the password of the user. 
   
   
     4. A system of the type described in  claim 3  for improving security of a personal computer wherein the variable security profile can be altered to a more secure state by a normal user. 
   
   
     5. A system for providing computer security including the elements set fort in  claim 4  where the variable security profile includes a plurality of binary indicators have a more secure state and a less secure state, and a normal user of the computer system may change at least one of the binary indicators from a less secure state to a more secure state. 
   
   
     6. A system for providing computer security including the elements set forth in  claim 5  wherein a user with a security password may change at least one of the binary indicators from a more secure state to a less secure state. 
   
   
     7. A method for providing improved security in a personal computer having an operating system and a security profile stored in memory, the steps of the method comprising:
 automatically generating a variable security profile with indications of greater or lesser security when the personal computer is turned on, wherein the variable security profile specifies:
 a variable number of unsuccessful power-on password attempts permitted based upon at least one other factor chosen from time of day and day of week; and, 
 a security level of authorization of the user; 
 
 storing the variable security profile in the personal computer; 
 using the variable security profile to determine what access, if any, a normal user will be permitted to have to the computer system; and 
 allowing the normal user to change the variable security profile from a level of lesser security to a level of greater security but denying the normal user permission to change the variable security profile from a level of greater security to a level of lesser security. 
 
   
   
     8. A method for providing security in a personal computer including the steps of  claim 7  and further including the step of allowing a privileged user with a security password to change the variable security profile from a level of greater security to a level of lesser security. 
   
   
     9. A method of providing security in a personal computer including the steps of  claim 8  and further including the steps of updating the variable security profile in response to a security risk. 
   
   
     10. A method of providing security in a personal computer including the steps of  claim 9  and further including the step of responding to an attempt to open a cover of the personal computer and indicating the security risk associated with the attempt to open the cover in the variable security profile.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.